@Ben,I need X. @James,X by default is random everytime you use the whole algoritm.I need to get that random number always.I know the other two,they are static.I also know the result.I have to reverse that function and then put the result and the other two parameters I know to get X.
–
Ivan ProdanovApr 24 '09 at 4:41

However, if the poster does solve this problem, I've got this RSA system I'm trying to break...
–
Stefan KendallApr 24 '09 at 5:05

5

the "mod" is the problem. You won't break this ever. 5 mod 2 has the same result as 7 mod 2 and 9 mod 4 and so on. You can't determine the input based on the output. There is an infinity of input combinations that result in the desired output. Go to sleep.
–
Andrei RîneaApr 24 '09 at 21:09

Exactly. You're not supposed to get X. You're supposed to check whether the client knew the correct x by sending it different G and P, and check if their results agree with yours. But at no point is x supposed to be transmitted.
–
Tim LinApr 29 '09 at 15:20

Not impossible, just that there are multiple answers (and not due to the << but due to the %). Is this fast enough for you?... x=0; do { if (Func_4(P,x,G)==I) then return x; x++; } while (x!=0);
–
Doug CurrieApr 24 '09 at 14:54

and if the value Y does not have fractions, then they are the Set of multiple "X" answers to your problem.

Assume X1 is the first X value which does not have fractions and X2 is the second X Value which does not have fractions. Then Set of all X can be given in the equation X(S) = X1 + (X2-X1) * S where S=0 to UINT32( (MAXUINT32-X1) / (X2-X1) ).

That is due to if
1= Pow(G,T) mod P and then Pow(G,X+T) mod P = Pow(G,X) mod P * Pow(G,T) mod P which is
also Pow(G,X) mod P. Hence X, X+T, X+2T, X+3T... all will have same values..

I seriously think you're abusing this algorithm. From your description, and from looking at the algorithm, it's pretty clear that this is designed to go forward only. Think of it as computing a checksum of X using keys P and G.